The group of hackers has been identified as “Berserk Bear.” According to the investigation, the hackers are likely to be state-sponsored by the Russian FSB intelligence agency. The hackers are suspected of using the supply chain to infiltrate into German IT infrastructures, says various investigation agencies. According to the investigation, these hackers use openly available malware to permanently infiltrate the company’s I.T. network and access sensitive information, along with having complete control over the company’s server. The agencies didn’t find any damaging evidence against the companies and have refused to offer any comment for the current situation.
The group Berserk Bear is infamous for stealing the U.S. energy companies’ data in the year 2018. U.S. President Donald Trump had blamed Russia for the attack. According to cybersecurity experts, Berserk Bear is the group that Moscow is most likely to contact if there is a need to hack the industrial networks. Another hacking team called “Sandworm” was famous for the attack that shut down Ukraine’s power supply in 2016 and 2018.
According to Cyberscoop, a cybersecurity website, “Sven Herpig, a cybersecurity expert with the German think tank SNV, welcomed the advisory and urged German companies to heed the warning. The memo has “concrete recommendations of how to spot and protect against an intrusion” from Berserk Bear, he said. The Russian Embassy in Washington, D.C., did not respond to a request for comment on the German agencies’ report.” Berserk Bear is responsible for various cyberattacks on American and German electrical utilities since 2018, say the cybersecurity experts. The group has been aggressive and attacked several companies.